HP.Software.Update.Tool.ActiveX.Control.File.Overwrite
Description
This indicates an attempt to exploit an arbitrary file overwrite vulnerability in HP Software Update, shipped with many HP systems.
The vulnerability is due to a design weakness in an ActiveX component that is used to download patches and updates for HP software. A remote attacker can exploit the vulnerability by persuading a target user to open a malicious web page that can then overwrite sensitive files on the local file system. By doing this the attacker can corrupt the operating system and/or execute arbitrary code with the privileges of the logged in user.
Affected Products
HP Software Update 3.0.8.4
Impact
System Compromise: privilege escalation
Recommended Actions
Refer to HPSBGN02301 SSRT071508 rev.2 for patch, upgrade, or suggested workaround information:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |